Active Directory

Alyssa Snow, Blue Team, External/Internal, General InfoSec Tips & Tricks, How-To, Informational, InfoSec 101, Red Team Active Directory, ADCS, exploit

Abusing Active Directory Certificate Services (Part 3)

| Alyssa Snow In PART ONE and PART TWO of this blog series, we discussed common misconfigurations of Active Directory certificate templates. In this post, we will walk through exploitation […]

Read the entire post here

Alyssa Snow, Blue Team, External/Internal, How-To, Informational, Red Team, Red Team Tools Active Directory, exploit

Abusing Active Directory Certificate Services – Part 2

| Alyssa Snow Misconfigurations in Active Directory Certificate Services (ADCS) can introduce critical vulnerabilities into an Enterprise Active Directory environment, such as paths of escalation from low privileged accounts to […]

Read the entire post here

How Attackers Use SSH.exe as a Backdoor Into Your Network (5)

Alyssa Snow, Blue Team, External/Internal, How-To, Informational, Red Team, Red Team Tools Active Directory, exploit

Abusing Active Directory Certificate Services – Part One

| Alyssa Snow Active Directory Certificate Services (ADCS)1 is used for public key infrastructure in an Active Directory environment. ADCS is widely used in enterprise Active Directory environments for managing […]

Read the entire post here

Author, Blue Team, Informational, Kent Ickler Active Directory, bloodhound, BloodHoundAD, Control Paths, Domains, PlumHound, Purple Team, reports, System Administration

PlumHound Reporting Engine for BloodHoundAD

Kent Ickler // It’s been over two years since Jordan and I talked about a Blue Team’s perspective on Red Team tools. A Blue Team’s Perspective on Red Team Hack […]

Read the entire post here

00427_01072020_WebcastLetsTalkAboutElkBaby

Author, Blue Team, Blue Team Tools, How-To, Informational, Jordan Drysdale, Kent Ickler, Podcasts, Webcasts Active Directory, applocker, Atomic Red Team, ATT&CK, ELK, Group Policies, Jordan Drysdale, Kent Ickler, Sysmon, Windows logging, Winlogbeat

Webcast: Let’s Talk About ELK Baby, Let’s Talk About You and AD

BHIS’ Defensery Driven Duo Delivers Another Delectable Transmission! We know you are worried about your networks. After hours of discussion, we’ve come to the realization that some of our dedicated […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

00399_08192019_WEBCAST_WeaponizingAD (1)

Author, David Fletcher, How-To, Informational, Red Team Tools, Webcasts Active Directory, CredDefense Toolkit, David Fletcher, kerberoasting, password spraying, ResponderGuard

Webcast: Weaponizing Active Directory

Click on the timecodes to jump to that part of the video (on YouTube) Slides for this webcast can be found here: https://www.blackhillsinfosec.com/wp-content/uploads/2020/09/SLIDES_WeaponizingActiveDirectory.pdf 0:54 Background behind this webcast, what and […]

Read the entire post here

00334_08312018_ActiveDirectoryLeaksViaAzure

Author, Informational, Mike Felch, Red Team, Red Team Tools Active Directory, Azure, reconnaissance, Red Team

Red Teaming Microsoft: Part 1 – Active Directory Leaks via Azure

Mike Felch // With so many Microsoft technologies, services, integrations, applications, and configurations it can create a great deal of difficulty just to manage everything. Now imagine trying to secure […]

Read the entire post here

Author, Jordan Drysdale, Kent Ickler, Podcasts Active Directory, active directory best practices, AWS Active Directory setup, How to set up active directory

PODCAST: Active Directory Best Practices that Frustrate Pentesters

// Jordan Drysdale and Kent Ickler talk about Best Practices for setting up Active Directory. Bre joins as fake Sierra to host and ask questions from the audience since real […]

Podcast: Play in new window | Download

Subscribe: Apple Podcasts | Spotify | Amazon Music | RSS

Read the entire post here

Author, Blue Team, How-To, Jordan Drysdale, Kent Ickler, Webcasts Active Directory, AD, AWS, Best Practices, Blue Team, Defender, Federation Services, Firewall, Group Policies, Groups, Infrastructure, Job Functional Roles, Jordan Drysdale, Jugular, Kent Ickler, LAPS, LLMNR, LSDOU, Naming Conventions, security, Sysmon, webcast, webcasts, whitelisting

Active Directory Best Practices to Frustrate Attackers: Webcast & Write-up

Kent Ickler & Jordan Drysdale // BHIS Webcast and Podcast This post accompanies BHIS’s webcast recorded on August 7, 2018, Active Directory Best Practices to Frustrate Attackers, which you can view below. […]

Read the entire post here

1 2